Servfail queries for named remote authoritative nameservers?
Daisuke HIGASHI
daisuke.higashi at gmail.com
Sat Jun 8 15:33:42 UTC 2019
Viktor Dukhovni via Unbound-users <unbound-users at nlnetlabs.nl>:
> Is it possible to quickly SERVFAIL queries for data handled by a
> particular set of remote nameservers?
Just specifying IP addresses of bad nameservers to “do-not-query-address:”
effectively prevents iterator to send queries to these servers.
do-not-query-address: 192.0.2.1 # bad nameserver
I don’t know how to specify bad nameservers directly by hostname. Your
configuration won’t work since “local-data” clause won’t inject data to
iterator. Running script which makes do-not-query-address configuration
from list of hostnames and reloading periodically would satisfy your
requirement.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190609/5cadc5e3/attachment.htm>
More information about the Unbound-users
mailing list